Google Chrome prior to 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigger use of an applewebdata: URL, which allows remote malicious users to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors involving the document.write method.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
google chrome 21.0.1180.0 |
||
google chrome 21.0.1180.1 |
||
google chrome 21.0.1180.2 |
||
google chrome 21.0.1180.31 |
||
google chrome 21.0.1180.32 |
||
google chrome 21.0.1180.33 |
||
google chrome 21.0.1180.34 |
||
google chrome 21.0.1180.35 |
||
google chrome 21.0.1180.36 |
||
google chrome 21.0.1180.37 |
||
google chrome 21.0.1180.38 |
||
google chrome 21.0.1180.39 |
||
google chrome 21.0.1180.41 |
||
google chrome 21.0.1180.46 |
||
google chrome 21.0.1180.47 |
||
google chrome 21.0.1180.48 |
||
google chrome 21.0.1180.49 |
||
google chrome 21.0.1180.50 |
||
google chrome 21.0.1180.51 |
||
google chrome 21.0.1180.52 |
||
google chrome 21.0.1180.53 |
||
google chrome 21.0.1180.54 |
||
google chrome 21.0.1180.55 |
||
google chrome 21.0.1180.56 |
||
google chrome 21.0.1180.57 |
||
google chrome 21.0.1180.59 |
||
google chrome 21.0.1180.60 |
||
google chrome 21.0.1180.61 |
||
google chrome 21.0.1180.62 |
||
google chrome 21.0.1180.63 |
||
google chrome 21.0.1180.64 |
||
google chrome 21.0.1180.68 |
||
google chrome 21.0.1180.69 |
||
google chrome 21.0.1180.70 |
||
google chrome 21.0.1180.71 |
||
google chrome 21.0.1180.72 |
||
google chrome 21.0.1180.73 |
||
google chrome 21.0.1180.74 |
||
google chrome 21.0.1180.75 |
||
google chrome 21.0.1180.76 |
||
google chrome 21.0.1180.77 |
||
google chrome 21.0.1180.78 |
||
google chrome 21.0.1180.79 |
||
google chrome 21.0.1180.80 |